[I2nsf] 答复: Definitions in draft-merged-i2nsf-problem-statement-use-cases-00
"Xialiang (Frank)" <frank.xialiang@huawei.com> Mon, 14 December 2015 01:34 UTC
Return-Path: <frank.xialiang@huawei.com>
X-Original-To: i2nsf@ietfa.amsl.com
Delivered-To: i2nsf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E42281A882E for <i2nsf@ietfa.amsl.com>; Sun, 13 Dec 2015 17:34:56 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.911
X-Spam-Level:
X-Spam-Status: No, score=-3.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f3xfHQCAK57M for <i2nsf@ietfa.amsl.com>; Sun, 13 Dec 2015 17:34:55 -0800 (PST)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 19EC61A8A6E for <i2nsf@ietf.org>; Sun, 13 Dec 2015 17:34:54 -0800 (PST)
Received: from 172.18.7.190 (EHLO lhreml401-hub.china.huawei.com) ([172.18.7.190]) by lhrrg02-dlp.huawei.com (MOS 4.3.7-GA FastPath queued) with ESMTP id CBN80433; Mon, 14 Dec 2015 01:34:53 +0000 (GMT)
Received: from lhreml704-cah.china.huawei.com (10.201.5.130) by lhreml401-hub.china.huawei.com (10.201.5.240) with Microsoft SMTP Server (TLS) id 14.3.235.1; Mon, 14 Dec 2015 01:34:52 +0000
Received: from SZXEMA414-HUB.china.huawei.com (10.82.72.73) by lhreml704-cah.china.huawei.com (10.201.5.130) with Microsoft SMTP Server (TLS) id 14.3.235.1; Mon, 14 Dec 2015 01:34:51 +0000
Received: from SZXEMA502-MBS.china.huawei.com ([169.254.4.87]) by SZXEMA414-HUB.china.huawei.com ([10.82.72.73]) with mapi id 14.03.0235.001; Mon, 14 Dec 2015 09:34:47 +0800
From: "Xialiang (Frank)" <frank.xialiang@huawei.com>
To: Robert Moskowitz <rgm-ietf@htt-consult.com>
Thread-Topic: [I2nsf] Definitions in draft-merged-i2nsf-problem-statement-use-cases-00
Thread-Index: AQHRND5oJu0aRPo5UkO30fvq1mpHBZ7Js9pA
Date: Mon, 14 Dec 2015 01:34:45 +0000
Message-ID: <C02846B1344F344EB4FAA6FA7AF481F12AEBE158@SZXEMA502-MBS.china.huawei.com>
References: <566B1018.2090904@htt-consult.com>
In-Reply-To: <566B1018.2090904@htt-consult.com>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.135.43.91]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A020205.566E1CBD.00AD, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=169.254.4.87, so=2013-06-18 04:22:30, dmn=2013-03-21 17:37:32
X-Mirapoint-Loop-Id: e21b814124b6f36f54f444e8fd94f2b6
Archived-At: <http://mailarchive.ietf.org/arch/msg/i2nsf/m9Oj6lXyCGU9R_mVCpepSNrXDJE>
Cc: "i2nsf@ietf.org" <i2nsf@ietf.org>
Subject: [I2nsf] 答复: Definitions in draft-merged-i2nsf-problem-statement-use-cases-00
X-BeenThere: i2nsf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "*I2NSF: Interface to Network Security Functions mailing list*" <i2nsf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2nsf/>
List-Post: <mailto:i2nsf@ietf.org>
List-Help: <mailto:i2nsf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Dec 2015 01:34:57 -0000
Bob, please see inline: -----邮件原件----- 发件人: I2nsf [mailto:i2nsf-bounces@ietf.org] 代表 Robert Moskowitz 发送时间: 2015年12月12日 2:04 收件人: i2nsf@ietf.org 主题: [I2nsf] Definitions in draft-merged-i2nsf-problem-statement-use-cases-00 I have been working with Sue and Linda on reviewing and cleaning up this ID. I looked at; Network Security Function (NSF): A function which ensures integrity, confidentiality and availability of network communications; detects unwanted activity, blocks or mitigates the effect of such unwanted activity on the network. And I took exception with at least 'ensures'. This is too strong of a statement. Nothing we do with this technology will 'ensure' CIA. First what is 'CIA': Confidentiality by restricting access to the internal assets. Integrity by, (well gee, what IS Integrity)? Integrity by enabling users to trust using their assets. Availablity by blocking attacks that make assets unusable. So first, do we agree what CIA means and that it is important? If so, we might get something like: A function that detects unwanted activity and blocks/mitigates the effect of such unwanted activity in order to support availability of a network. In addition, the NSF helps support communication stream “integrity and confidentiality”. [Frank]: Support to replace the word "ensures", this definition makes sense more. Even this is too self-assured. An NSF detects unwanted activity? Really? It detects what we have so far have classified as unwanted activity. I know that IPS NSF devices are marketed to 'learn' and adapt, but without sophisticated AI, even here there are limits. Perhaps I am too pedantic, but this document includes 'user expectations', and I don't want an expectation of '6 sigmas of detection'. [Frank]: Maybe some constraints are useful here. For example: "A function that detects unwanted activity (known or possibly some new) ...". My sixpence worth. _______________________________________________ I2nsf mailing list I2nsf@ietf.org https://www.ietf.org/mailman/listinfo/i2nsf
- [I2nsf] Definitions in draft-merged-i2nsf-problem… Robert Moskowitz
- [I2nsf] 答复: Definitions in draft-merged-i2nsf-pro… Xialiang (Frank)
- Re: [I2nsf] Definitions in draft-merged-i2nsf-pro… DIEGO LOPEZ GARCIA